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ABSTRACT 

In this research, we examine and evaluate intrusion detection systems for cyber security in Agriculture 4.0. 
In particular, we outline the assessment criteria and cyber security risks that are utilised to assess an intrusion 
detection system's effectiveness for Agriculture 4.0. Then, we assess intrusion detection systems in light of 
cutting-edge technological developments, such as cloud computing, fog/edge computing, network 
virtualization, Internet of Things, autonomous tractors, drones, industrial agriculture, and smart grids. We 
offer a thorough classification of intrusion detection systems in each developing technology, based on the 
machine learning approach utilised. In addition, we provide public datasets and the frameworks used for 
implementation that were used to assess intrusion detection systems' performance for Agriculture 4.0. Lastly, 
we discuss the obstacles and potential lines of inquiry for future studies in intrusion detection for cyber 
security in Agriculture 4.0. Based on several technical paradigms, a new industrial revolution is underway. 
"Industry 4.0" (14.0) is a concise way to communicate the desire to promote and direct this phenomena. 
Projects falling under this umbrella term are united by the belief that numerous critical technologies 
supporting Big Data Analytics and Cyber-Physical Systems are merging to form a new, highly automated, 
distributed, and dynamic production network. To ensure that this process proceeds smoothly and on schedule, 
new laws and cultural norms must be put in place. In this paper, we exclusively address the technological 
side, emphasising the exceptional 14.0 complexity that has been documented in the scientific literature. 
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1.INTRODUCTUON industrialised agricultural production patterns, 


and the industrialised agri-food supply chain. 
The agricultural sector had significant 


transformations over the preceding three In addition, five cutting-edge technologies are 
industrial revolutions, moving from traditional explored in relation to Agriculture 4.0: 
farming to mechanised farming and, more blockchain, robots, artificial intelligence, big data 
recently, precision agriculture. Although the analytics, and the Internet of Things. We 
industrial farming paradigm significantly specifically concentrate on the major uses of these 
increases production, a number of issues have cutting-edge technologies in the field of 
slowly surfaced and become worse recently. It is agriculture and the associated research 
anticipated that Industry 4.0 will propel the fourth difficulties. The purpose of this study is to 
agricultural revolution and once again transform introduce readers, especially industry 
the agriculture sector. The current state of practitioners, to new avenues for research. While 
industrial agriculture is reviewed in this study, earlier research has concentrated on one or up to 
along with the lessons that may be drawn from four related enablers, we take a look at ten 
industrialised agricultural production methods, technological enablers, which include the 


frequently mentioned Big Data, Internet of 
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Things, and Cloud Computing as well as less 
common ones like Fog and Mobile Computing, 
Artificial Intelligence, Human-Computer 
Interaction, Robotics, and Open-Source Software, 
Blockchain, and the Internet. We examine the key 
features of each in light of 14.0 and its dependency 
on other enablers. Lastly, we offer a thorough 
examination of the difficulties in utilising each of 
14.0's enablers, highlighting potential obstacles 
that may need to be surmounted and suggesting 


<— Indigenous tool —> 


<—— Mechanization —> 


potential lines of inquiry for further study. Our 
objective is to serve as a reference for both 
laypeople seeking a high-level understanding of 
the variety (and frequently lengthy history) of the 
scientific research supporting Industry 4.0 and 
experts in some of the technological fields 
involved in exploring integration and 
hybridization possibilities with other fields. 


<—— Electronics ——-> << Intelligence ——-> 
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Figure 1. The Development Of Agricultural Revolutions With Industrial Revolutions And Related Cyber Security 


As shown in Fig. 1, the agricultural and industrial 
revolution has progressed through four 
generations: Agriculture 1.0, Agriculture 2.0, 
Agriculture 3.0, and Agriculture 4.0. Agriculture 
1.0 describes agricultural practises from the dawn 
of human civilization until the end of the 19th 
century, when farmers mainly relied on archaic 
farming implements like the plough to prepare the 
ground for planting seeds and growing plants. The 
rise in agricultural output at the start of the 20th 
century was dubbed "Agriculture 2.0" because it 
made use of trucks, tractors, aeroplanes, 
helicopters, irrigation, harvesting, combines, and 
other agricultural gear. Agriculture 3.0, which is 
centred on renewable green energy sources 
including geothermal, solar, wind, hydropower, 
and bioenergy, emerged in the early 1970s and 
continues to this day [1]. 


Threats. 


2.RELATED WORK 


Cyberattacks are increasingly targeting Critical 
National Infrastructures (CNIs), which include 
ports, gas and water distributors, hospitals, and 
energy suppliers. CNIs primarily rely on 
Industrial Control Systems (ICS), also known as 
Supervisory Control and Data Acquisitions 
(SCADA), to oversee their production. The 
protection of ICSs and CNIs is now a crucial 
problem that needs to be taken into account at the 
national, international, and organisational levels. 
For example, Europe has produced several laws 
and legislation in recent years to try to build a 
logical framework for safeguarding networks, 
information, and electronic communications in 
order to deal with the growing risk of CNIs. To 
address the legal, organisational, capacity- 
building, and technological components of cyber 
security, particular security measures are also 
required in addition to rules, directives, and 
policies [1]. 
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Systems with intrusion detection systems (IDS) 
[2] make up a system's second line of defence. To 
further protect the systems from cyberattacks, 
IDSs may be used in conjunction with other 
security measures including access control, 
authentication procedures, and encryption 
techniques. IDSs are able to differentiate between 
malicious and benign activity by using rules that 
specify a particular attack or patterns of benign 
traffic [3]. Data mining, which is used to 
characterise knowledge discovery, can assist in 
the development and deployment of intrusion 
detection systems (IDSs) with more accuracy and 
resilient behaviour in contrast to traditional IDSs, 
which might not be as successful against 
contemporary sophisticated cyberattacks [5]. 


Industry 4.0 has made extensive use of these 
cutting-edge technologies, and it is simple to 
mimic their use in agricultural settings. Therefore, 
since the deployment of thousands of IoT-based 
devices is in an open field, the main problem in 
establishing Agriculture 4.0 lies not in the 
deployment of future technologies but rather in 
ensuring security and privacy. Every layer of the 
IoT architecture also has a number of security and 
privacy concerns [6]. For instance, a hostile party 
might use a variety of cyberattacks, such as 
distributed denial-of-service (DDoS) assaults, to 
bring down a service and subsequently introduce 
fake data, so compromising agricultural 
production, food safety, and the effectiveness of 
the agri-food supply chain. The intrusion 
detection system (IDS) is a technology for 
network security that is devoted to continuously 
monitoring events within a computing or 
networking system and comparing them to 
intrusion evidence. It is recommended for use by 
the cyber security research community [7]. The 
use of the IDS in conjunction with other security 
technologies, including as blockchain, 
authentication, authorization, and encryption 
approaches, can further safeguard Agriculture 4.0 
against cyberattacks [9]. 


Numerous related papers that address machine 
learning methods for intrusion detection systems 
can be found in the literature. The studies are 
categorised according to the following criteria, as 
shown in Table I: 

Deep learning techniques: this indicates whether 
or not the study's emphasis was on deep learning 
techniques for intrusion detection systems. 


It shows whether or not machine learning 
techniques for intrusion detection systems were 
taken into account in the study. Assessment of 
deep learning techniques: it signifies if the 
research assesses deep learning techniques for 
intrusion detection systems. Assessment of 
machine learning techniques: it signifies if the 
research assesses machine learning techniques for 
intrusion detection systems. 


Intrusion detection system (IDS) datasets: this 
shows if the study's focus was on these datasets. 


Ring et al. [14] just published their work on 
intrusion detection datasets. The study 
specifically offers 34 datasets and defines 15 traits 
for each of them. General Information, 
Evaluation, Recording Environment, Data 
Volume, Nature of the Data, and General 
Information are the five areas into which these 
attributes are divided. A study of the machine 
learning techniques employed by intrusion 
detection systems was published by Buczak et al. 
[8]. The datasets in this study were divided into 
three categories: 1) packet-level data; 2) network 
flow data; and 3) public datasets. Furthermore, the 
study offered a computational complexity—that 
is, a time complexity—for every machine 
learning and mining technique that the intrusion 
detection system employed. A comparative 
analysis of intrusion detection techniques in the 
internet of things (IoT) was presented by Zarpelao 
et al. [11]. IDSs for IoT were categorised in the 
study according to security threat, IDS installation 
method, and detection strategy. Milenkoski et al. 
[9] examined current systems in relation to each 
of the common assessment parameters— 
workloads, metrics, and technique—to give 
common practises in cyber security intrusion 
detection. Our research and four other papers 
concentrate on deep learning techniques intended 
for the identification of cyber security intrusions. 
These publications, however, do not provide a 
dataset-by-dataset comparison of deep learning 
algorithms. To the best of our knowledge, this is 
the first research to compare deep learning for 
intrusion detection systems and to cover 
techniques, datasets, and other aspects in detail. 


ABCIS 


ABCIS is the combination of Artificial 
Intelligence, Blockchain Technology, Cloud 
computing, IoT and Software Defined Networks 
(SDN) and it is an emerging technology. 
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Industry 4.0, which is defined by a confluence of 
emerging technologies like Blockchain, software- 
defined networking (SDN), artificial intelligence, 
Internet of Things (IoT), IoT devices, 5G 
communications, drones, fog/edge computing, 
cloud computing, network function virtualization 
(NFV), smart grids, etc., preceded the term 
"Agriculture 4.0" [2], [3]. Fig. 1 displays the 
Agriculture 4.0 diagram. In the physical layer, a 
range of IoT devices (such as sensors and 
cameras) and drones are used to gather data on 
soil moisture, crop images, animal behaviour 
analysis, and health monitoring in order to 
monitor agricultural environmental conditions. 


When the data fulfils certain criteria, various 
actuators (such as autonomous tractors, 
insecticidal lights, feeding machines, and 
irrigation equipment) are turned on, which 


production and management. In addition, smart 
grid architecture and new energy technologies 
like solar and wind power help supply energy for 
IoT devices in Agriculture 4.0 [4]. Intelligent 
agriculture devices use the wireless network to 
send data to the Edge/Fog node and sink node at 
the network layer. This creates a variety of 
networks, such as the mesh network (based on 
ZigBee), the star network (based on LoRa), the 
GSM network (4G/5G based), and SDN (which 
includes control and data panes) [5]. Application- 
layer cloud computing is used to analyse data 
stored in a distributed database to help in 
decision-making related to agriculture production 
and management. Higher timeliness task 
implementation is achieved through the usage of 
edge/fog computing. Furthermore, a Smart Grid's 
electrical equipment operating status is often 
tracked by the supervisory control and data 
acquisition (SCADA) system. 


encourages the automation of agricultural 
Table 1. Related Surveys On Agriculture 4.0 
Public Intrusion Machine leaming 
Year Authors detection and deep learning Main focus/contributions 
datasets P i 
i systems approaches 
2017 Ray [22] Nö Nö No IoT deployments in terms of hardware platforms and communication 
= ee 3 technologies 
2018 SoN Prenafeta- No No Yes A review on the deep learning approaches applied in agriculture 
2018 Elijah et al. [24] No No No An overview of data analytics and IoT in agriculture 
2019 Khanna and Kaur [25 No No No A review of IoT in the field of precision agriculture 
Pp £ 
2020 Zhai et al. [26] No No No Feasibility of decision support systems for Agriculture 4.0 
Address the main applications of evolving technologies in the 
2021 Liuetal. [1] No No No agricultural sector such as big data analytics, robotics, Artificial 
Intelligence, etc. 
i Discuss security and privacy challenges as well as technologies and 

2021 Yang etal. [27] No No No development modes in Smart Agriculture 
2021 Friha et al. [28] No No No Review emerging technologies for IoT-based Intelligent Agriculture. 

Gürsey ves Ves yes A survey that covers IDS models, public datasets, and deep learning 


Industry 4.0 has made extensive use of these 
cutting-edge technologies, and it is simple to 
mimic their use in agricultural settings. Therefore, 
since the deployment of thousands of IoT-based 
devices is in an open field, the main problem in 
establishing Agriculture 4.0 lies not in the 
deployment of future technologies but rather in 
ensuring security and privacy. Every layer of the 
IoT architecture also has a number of security and 
privacy concerns [6]. For instance, a hostile party 
might use a variety of cyberattacks, such as 
distributed denial-of-service (DDoS) assaults, to 
bring down a service and subsequently introduce 
fake data, so compromising agricultural 
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approaches 


production, food safety, and the effectiveness of 
the agri-food supply chain. The intrusion 
detection system (IDS) is a technology for 
network security that is devoted to continuously 
monitoring events within a computing or 
networking system and comparing them to 
intrusion evidence. It is recommended for use by 
the cyber security research community [7], [8]. 
The use of the IDS in conjunction with other 
security technologies, including as blockchain, 
authentication, authorization, and encryption 
approaches, can further safeguard Agriculture 4.0 
against cyberattacks [9]. 
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Table 2. Related Surveys on the IDSs Based on Machine Learning Techniques 


Open challenges 


A = Public etc ek and future research 
Year Authors Taxonomy r peeta - datasets for ee oppor tunities for 
ae Agriculture 4.0 
2016 Buczak and Guven [10] - Machine learning techniques No Partial No No 
2019 Kwon etal. [11] - Deep learning techniques No No No No 
2020 Al-Garadi ef al. [12] - Deep learning techniques No No No No 
2019 Mishra etal. [13] - Machine learning techniques No Yes No No 
2019 da Costa ef al. [14] - Machine learning techniques No Partial No No 
2019 Chaabouni et al. [15] - IoT threats classification No Yes No No 
2019 Liu and Lang [16] - Machine learning and deep learning techniques No No No No 
2019 Sultana ef al. [17] - SDN No No No No 
2020 = Ahmad et al. [18] - SDN No No No No 
2020 Ferrag et al. [9] - Deep learning techniques No Yes No No 
2021 Ahmad et al. [19] - Machine learning and deep learning techniques No No No No 
2021 Mohammadi et al. [20] - Support vector machines No No No No 
- Cloud computing-enabled Agriculture 4.0 Yes Yes Yes Yes 
- Fog/Edge-enabled Agriculture 4.0 
- SDN/NFV-enabled Agriculture 4.0 
— - Drones-enabled Agriculture 4.0 
- Autonomous tractors-enabled Agriculture 4.0 
- IoT devices-enabled Agriculture 4.0 
- Industrial Agriculture 4.0 
- Smart Grid-enabled Agriculture 4.0 
Artificial intelligence-based methods, including public datasets, advantages of IDS, open 


hybrid machine learning, voting-based extreme 
learning machines, deep learning techniques, 
hierarchical approaches, reinforcement learning, 
etc., are used by IDSs to identify harmful 
behaviours. The machine learning-based IDSs 
have been the subject of several surveys. The 
relevant surveys on machine learning-based IDSs 
are shown in Table I. IDSs based on machine 
learning methods deep learning approaches [11], 
and [12] were the subject of several surveys. 
SCADA systems , SDN technologies and IoT 
networks [14], [15] were the subjects of certain 
surveys. This survey, on the other hand, suggests 
seven taxonomies pertaining to Agriculture 4.0 
(cloud computing enabled), Agriculture 4.0 
(fog/edge enabled), Agriculture 4.0 (SDN/NFV 
enabled), Agriculture 4.0 (drone enabled), 
Agriculture 4.0 (autonomous tractor enabled), 
Agriculture 4.0 (IoT device enabled), Agriculture 
4.0 (industrial agriculture enabled), and 8) 
Agriculture 4.0 (smart grid enabled). 
Furthermore, by addressing innovative security 
themes including the IDS development process, 
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problems, and future research potential for 
Agriculture 4.0, it offers a more thorough review. 


3. CYBER SECURITY 


While Agriculture 4.0 is meant to be the new 
norm, certain risks might limit its popularity and 
prevent it from being widely adopted. Some of 
those hazards, like severe weather, have a history 
of continuing over time. While others are linked 
to the widespread advancement of technical 
solutions, which have led to significant security 
flaws and dangerous attack vectors like 
ransomware, supply chain assaults, Internet of 
Things attacks, and several others. 


Cyber Security Threats in Agriculture 4.0 


For precision agriculture, the U.S. Department of 
Homeland Security identified three main areas of 
cyber threats: those pertaining to availability, 
confidentiality, and integrity. 
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Figure 2. Flowchart Of The 


Threats to Confidentiality: In intelligent 
agriculture, data travels from one linked 
equipment to another via a multitude of 
communication methods. Threats to privacy can 
result in data or information breaches as well as 
privacy loss [29]. Information on yields, farmland 
values, and animal health, for example, should be 
kept private as farmers are fiercely protective of 
this information. Farmers may suffer severe 
financial, emotional, and reputational 
repercussions if they misplace or misuse this data. 


2) Threats to Integrity: To assist farmers in 
making wise management decisions in real time, 
gathering and using data is a crucial first step. 
Information from Intelligent Agricultural 
Systems may become erroneous or unreliable due 
to potential unauthorised or improper changes to 
the dependability of data or resources, which may 
lead to potential financial exploitation. 


Threats Related to Availability: Inability to offer 
clients accessible services may result in 
disruptions to business operations, as well as a 
potential loss of clientele and revenue. For 
instance, food security would be disrupted and the 
equipment maker would suffer a significant loss 
of reputation if an attacker were to halt the 
operations of an already-existing Intelligent 
Agriculture Network. 


IDS Methodology. 


An IDS's efficacy and efficiency may be assessed 
using a variety of measures, the majority of which 
fall into one of two categories: performance-based 
metrics or security-based metrics. 


1) Metrics Based on Security: The efficacy of the 
IDS in differentiating between invasive and non- 
intrusive activities is described by the metrics in 
this area. Since an IDS is a binary classifier, its 
outputs can be any of the following: True positive 
(TP) refers to an intrusion that is correctly 
classified as an intrusive action; true negative 
(TN) is the proper classification of a legitimate 
action as legitimate; false positive (FP) refers to 
the incorrect classification of a legitimate action 
as an intrusion; and false negative (FN) refers to 
the incorrect classification of an intrusion as a 
legitimate action [31]. Among the well-known 
measures in this area are: 


Confusion matrix: This measure shows the 
classification's outcome. For example, it displays 
the classification's true and false findings. When 
it comes to binary classification, it can have 
dimensions; but, when it comes to multi-class 
classifiers with distinct classes, it can also have 
dimensions. The confounding matrix is a baseline 
of metrics from which other efficacy indicators 
can be measured, even though it is not a metric in 
and of itself. 


nnn 


5306 


Journal of Theoretical and Applied Information Technology 
31% May 2024. Vol.102. No. 10 


© Little Lion Scientific 


ISSN: 1992-8645 


www.jatit.org 


SATIT 


E-ISSN: 1817-3195 


4. IDS SOLUTIONS FOR AGRICULTURE 
4.0 


Numerous cutting-edge technologies are used in 
agriculture 4.0, including cloud computing, 
fog/edge computing, SDN/NFV, drones, IoT 
devices, smart grids, and autonomous tractors. 


We examine and analyse the IDSs that employ 
machine learning and deep learning approaches 
for cyber security in Agriculture 4.0 based on 
these new technologies. 


Because Agriculture 4.0 uses a variety of IoT 
devices, there are a lot of new vulnerabilities in 
the cloud environment because these devices are 
easily targeted by security assaults. Three kinds of 
IDSs are available for Cloud computing-enabled 
Agriculture 4.0: 1) Game theory-based, 2) Hybrid 
machine learning, and 3) Voting based extreme 
learning machine. 


The GTM-CSec model is built on three 
approaches: the signature, anomaly, and honeypot 
techniques. It consists of two basic components: 
cooperative and non-cooperative games. 


The four components that use these procedures 
are perception, logical analysis, computational 
analysis, and decisive analysis. The analysis of 
the GTM-CSec model's performance using 
reward functions and probabilities in MATLAB 
demonstrated that it is highly effective at 
deterring attacks and can enhance the defence 
mechanism's electricity consumption. 


2) Hybrid Machine Learning: Rabbani et al. [6] 
developed a hybrid machine learning system that 
is based on extracting users' behavioural patterns 
to identify dangerous behaviours in the cloud 
computing environment. This system is based on 
tracking user patterns of behaviour. The 
suggested approach makes use of particle swarm 
optimization-based probabilistic neural networks 
(PSO-PNN) to build an automatically optimised 
network. The UNSW-NB15 dataset was utilised 
in the study, and it contains characteristics that are 
provided in both qualitative and quantitative (i.e., 
numerical and symbolic) formats. According to 
the testing results, the PSO-PNN technique has a 
high degree of accuracy when it comes to 
identifying suspicious activity. 


3) Voting Based Extreme Learning Machine: 
Kushwah and Ranga [7] examined a cloud 
infrastructure that has a detector connected. The 
infrastructure is composed of three parts: a 
training database, a preprocessor, and a classifier. 
As shown in Fig. 4, the detector recognises DDoS 
threats in a cloud computing context using a 
voting extreme learning machine. The NSL-KDD 
dataset and the ISCX dataset were the two 
datasets used in the investigation. The suggested 
approach offers excellent accuracies of 99.18% 
and 92.11% with the NSL-KDD and ISCX 
datasets, respectively, according to the 
experimental findings. 


Using online multivariate statistical change 
analysis, Aldribi et al. [8] created an intrusion 
detection system (IDS) based on a hypervisor to 
identify unusual cloud behaviour. The study 
validated the suggested cloud intrusion detection 
methodology using the ISOT-CID dataset. 
According to the experimental findings, the 
suggested system has a 96.23% overall detection 
rate and a 7.56% false-positive rate. 


Based on the Industrial Control System Cyber 
attack Dataset, the RSL-KNN framework system 
demonstrated 91.07% and 96.73% detection 
accuracies under multi-class and binary class 
classification, respectively, according to the 
performance evaluation. 


Fig. 7 illustrates how blockchain technology and 
machine learning-based IDSSs are used to 
provide Agriculture 4.0 cyber security. 


Zhou et al. [5] presented an IDS based on feature 
selection and ensemble classifier approaches that 
may be used for SDN/NFV-based Agriculture 4.0. 
A heuristic algorithm is employed to reduce 
dimensionality. For attack recognition, classifier 
approaches such as Random Forest and C4.5 are 
employed. 


In the experimental phase, Weka 3.8.3 is utilised 
with the NSL-KDD, AWID, and CIC-IDS2017 
datasets. The findings indicate that the suggested 
method achieves detection accuracy of 98.3% and 
99.3% for C4.5 and Random Forest classifiers, 
respectively. An intrusion detection method 
called KPCA-DEGSAHKELM was developed by 
Lv et al. [66] using an extreme learning machine 
with a hybrid kernel function. This method may 
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be employed for SDN/NFV-based Agriculture 
4.0. The KPCA-DEGSAHKELM system, a 
hybrid method that combines the differential 
evolution algorithm with the gravitational search 
algorithm, is used to identify threats. The 
industrial intrusion detection dataset, UNSW- 
NB15 dataset, and KDD99 dataset are used to 
evaluate performance. The results demonstrate 
that the KPCA-DEGSA-HKELM system can 
achieve greater computational efficiency with 
savings of 82.21%. 


Velliangiri and Karthikeyan [7] developed a 
hybrid optimisation strategy based on adaptive 
artificial bee colony optimisation and adaptive 
particle swarm optimisation techniques to 
increase the rate of precision in incursion 
operations. Four steps make up the hybrid 
optimisation scheme: i) selecting the dataset; ii) 
preprocessing the data; iii) selecting a feature; and 
iv) hybrid categorization. When compared to 
naive bayes and the support vector machine, the 
hybrid optimisation scheme's accuracy increases 
to 94.23% and 97.85%, respectively, according to 
the performance evaluation on the NSL-KDD 
dataset. 


The internet of drones (IoD) has arisen as a new 
study subject of "drone-to-drone communication 
(D2D)" for the Agriculture 4.0 due to the 
integration of 5G systems in the burgeoning smart 
city concept [74]. In agriculture, the employment 
of many UAVs working together to accomplish a 
particular objective has enhanced production and 
decreased operating efforts . However, these 
systems are susceptible to cyberattacks, which an 
adversary may use to their advantage by stealing 
sent goods, gaining control of the system, or 
creating major disruptions. 


Thus, it is becoming more and more important to 
ensure system security, particularly in dynamic 
and decentralised drone-to-drone networks. 
Therefore, the discovery of an IDS for Agriculture 
4.0 remains very desirable. 


Artificial Bee Colony (ABC) Model-Based 


Cyber Agriculture 4.0, in which an adversary 
asserts several illicit identities by building or 
destroying IoT nodes, may face significant 
challenges as a result of the Sybil assault. A 
lightweight IDS based on the ABC model was 


presented by Murali and Jamalipour to detect the 
Sybil attack in the IoT context. The ABL model is 
employed as an optimisation method to mimic 
honey bee foraging behaviour. According to the 
simulation findings, the suggested IDS has an 
average accuracy rate of 96.8%, 95.2%, and 
94.8% for type 1, type 2, and type 3 attacks, 
respectively. Malicious nodes in the type | assault 
will focus on a single, specific location. Type 2 
attacks are made up of malicious nodes strewn 
throughout the genuine nodes, whilst type 3 
attacks are made up of mobile Sybil nodes 
dispersed around the network. The work of 
Lopez-Martin et al. [10], in which the authors 
utilise reinforcement learning to network 
intrusion detection utilising two datasets, namely 
NSL-KDD and AWID datasets, can be applied to 
handle intrusion detection in supervised issues. 
The study assessed how well the IDS model 
performed while using the double deep Q- 
network (DDQN), policy gradient (PG), 
actorcritic (AC), and deep Q-network (DQN) 
deep reinforcement learning techniques. When 
compared to other deep reinforcement learning 
algorithms, the DDQN method performed well. 


5. PUBLIC DATASETS 


To increase the sector's efficiency, the food 
business has seen a transition from highly 
networked, dependent, and independent 
operations to disconnected, stand-alone, and 
independent operations [8]. Network 
organisations are thus placed in a highly effective 
production system that is becoming more 
complicated and exposed to dangers. As seen in 
Fig. 12, connectivity in the agri-food chain 
includes the management of information assets, 
the movement of tangible and intangible 
commodities and services, and other assets. It is 
getting harder and harder to secure all of the 
resources in the agriculture sector as a result of the 
widespread and pervasive nature of this control in 
Agriculture 4.0. We provide the Agriculture 4.0 
IDS construction process in this part. 


Data Preprocessing: 


The data are initially processed to produce basic 
characteristics when they are acquired during the 
data collecting stage [4]. The feature selection 
approach, which is a pre-processing stage in 
machine learning algorithms, aims to improve or 
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even maintain the IDS's performance while 
reducing the computational cost of the 
computations by eliminating superfluous 
characteristics [5]. Every record in the input data 
must be written as a real number vector in order 
for the trained classifier to function. As a result, a 
process known as data transferring must be used 
to first translate each symbolic feature in the 
dataset into a numerical value. Data normalisation 
is the practise of scaling each attribute's value 
over a proportionate range to eliminate bias 
towards larger-valued features in the dataset. This 
can greatly improve the classification algorithm's 
performance. In order to overcome the difficulty 
of creating an intrusion detection framework from 
imbalanced intrusion datasets that is especially 
intended for the industrial control system (ICS) 
and appropriate for use in Agriculture 4.0, Khan 
et al. [7] suggested a technique termed HMLIDS. 
The method uses a modified nearest-neighbor rule 
algorithm to balance the dataset and a feature 
extraction methodology built from data 
normalisation with data feature retrieval (DFR), 
which improved the classifiers' accuracy. A 97% 
accuracy rate was demonstrated in experimental 
findings derived from a large-scale actual dataset 
generated with a SCADA system. 


Because developing technologies can integrate 
real-time data flow, historical data archives, and a 
variety of independent data analysis patterns, they 
enable more intelligent management of agri-food 
supply chains. In Agriculture 4.0, real-time data 
and automated data processing technologies 
provide new means of reacting faster to situations 
that change. As seen in Fig. 12, the activities 
related to every agricultural component are 
automatically linked, from farm to fork, into the 
food chain using new technology. There are 
certain of these components that need the 
utilisation of different data sources. Not only do 
these data need to be there, but they also need to 
function properly in all systems. 


Among the essential elements of Agriculture 4.0 
are: 


1) Smart Farming Systems: These systems are 
made to increase the effectiveness and quality of 
agricultural production by incorporating cutting- 
edge technologies into currently practised 
farming operations. Examples of these include 


intelligent crop and livestock monitoring, 
intelligent water management, intelligent disease 
management, intelligent harvesting, etc. With an 
emphasis on connecting items in the Internet of 
Things-based smart farm, it consists of various 
sensor and actuator kinds, unmanned aerial and 
ground vehicles, smart agricultural gear, and so 
on. Using installed intelligent gadgets, while 
keeping an eye on things, carrying out farm- 
related duties, and processing data. 


2) Transport Services: These services manage the 
movement of agricultural goods from the point of 
origin to the kitchen of the client, covering the 
whole supply chain. It comprises several smart 
sensor types, GPS kits, and Internet of Vehicles 
(JoV) communications, which allow cars to talk to 
one other and to public networks via interfaces 
called vehicle-to-vehicle (V2V) and vehicle-to- 
infrastructure (V2I). They make it possible to 
gather and share sensitive data on the state of 
agricultural payloads and road conditions in real 
time. 


3) Storage Entities: These organisations oversee 
all aspects of storage management. Monitoring 
systems included into cold storage systems are 
able to track changes over time in the condition of 
the agricultural goods being stored, notifying and 
warning management as soon as something 
doesn't appear right. It consists of many kinds of 
smart sensors, including humidity and 
temperature sensors. 


4) Food processors: These units produce prepared 
agricultural goods in addition to preparing fresh 
food for the market. It is made up of a sizable and 
varied collection of businesses that produce 
goods. In order to create their goods, they also 
employ agricultural raw materials or sub- 
assemblies made by other manufacturers. It is 
feasible to handle a variety of quality control tasks 
using IoT enabled equipment. Manufacturers may 
keep an eye on temperature and production levels 
for various commodities, as well as pressure 
levels and product labelling. 


5) Distributors: These services often comprise an 
organisation that buys big stocks of goods from 
manufacturers and resells them to customers. 
Distributors provide the items to customers 
whenever and wherever they choose, satisfying 
the "Time and Place" criteria. 


nner eee 


Journal of Theoretical and Applied Information Technology e 
31* May 2024. Vol.102. No. 10 
© Little Lion Scientific 


JATT 


ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 


6) Retailers: These companies keep lesser 
quantities of inventory that they sell to the general 
public. They also monitor the tastes and needs of 
their clients. 


Table 3. Attack Types In Cse-Cic-Ids2018 Dataset 
Category Attack Type Flow Count | Training | Test 
SSH-Bruteforce 230 184 
Brute-force 
FTP-BruteForce 611 489 
Brute Force -XSS 187589 7504 
87 70 


Web attack Brute Force -Web 93360 15469 
SQL Injection 
DoS attacks-Hulk 466664 18667 


DoS attacks-SlowHTTPTest 139890 55956 
DoS attacks-Slowloris 10990 4396 
DDOS attack-HOIC 686012 27441 
DDoS attack] DDOS attack-LOIC-UDP 1730 1384 
DDOS attack-LOIC-HTTP 576191 23048 
Botnet Bot 286191 
Infilteration Infilteration 161934 
Benign / 12697719 
Total / 15450706 | 231127 |57782 


DoS attack 


Table 4. Attack Types In Bot-lot Dataset 


Category Attack Type |Flow Count | Training | Test 


[pein | senon | o | 7004 | 1500 
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The probability of any joint configuration may Table 5. Deep Discriminative Models' Performance In 
be computed using the Gibbs distribution and Relation To Various Assault Types And Benign 


this energy function in the following ways: 


oo Se 
we 
ee 100e | 00e | roo 


where Z, the partition function, can be computed DR FTP-BruteForce 
in the manner described below: DR Brute Force -XSS 83.265% | 92.182% | 92.101% 


A D E sarees DR SQL Injection | 100% | 100% | 100% | 


100% 
MEE EDERE DR DoS attacks-Hulk 93.333% | 94.912% | 94.012% 
where the space of the visible and hidden units is DR DoS attacks-SlowHTTPTest | 94.513% | 96.123% | 96.023% 


cities by the curved letters V and V, DR DoS attacks-Slowloris | 98.140% | 98.220% | 98.120% 
respectively. DR DoS attacks-GoldenEye | 92.110% | 98.330% | 98.221% 
Performance metrics DR DDOS attack-HOIC 98.711% | 98.923% 
ii DR DDOS attack-LOIC-UDP | 97.348% | 97.118% | 97.888% 
Attack 

DRanack = DR DDOS attack-LOIC-HTTP | 97.222% | 98.122% | 98.991% 
a= E a | 97.222% | 98.122% | 98.991% | 

p men __ 
TNRBENIGN = 7y BENIGN DR Infilteration 97.518% | 97.874% | 97.762% 
SENTEN BENIGN DR Service scanning 96.428% | 96.874% | 97.102% 


TNBENIGN + FPBENIGN DR DDoS TCP 96.219% | 96.650% | 97.003% 


Prob(V,H,G) = — 


FAR= 


There are 15450706 rows in the CSE-CIC- 
IDS2018 dataset, distributed over 10 files, with 80 
characteristics per row. The following is a 
description of the contents of these files: 


File 1 "Wednesday-14-02-2018" has benign 
traffic (667626 rows), SSH-Bruteforce (187589 
rows), and FTPBruteForce (193360 rows). 

File 2 "Thursday-15-02-2018" has benign traffic 
(996077 rows), Slowloris (10990 rows) and 
GoldenEye (415008 rows) DoS assaults. 

File 3 "Friday-16-02-2018" includes benign 
traffic (442020 rows), DoS  attacks—Hulk 
(466664 rows), and SlowHTTPTest (139890 
rows). 

Estimated class bad class uplifting classroom bad 
class Actual negative (TN) Positive falsehood 
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(FP) uplifting lesson Negative falsehood (FN) A 
true positive (TP). 

The file "Thursday-20-02-2018" comprises both 
benign traffic (7372557 rows) and DDOS attack- 
LOIC-HTTP (576191 rows). 

File 5 "Wednesday-2 1-02-2018" includes benign 
traffic (360833 rows), DDOS  attack-HOIC 
(68601 rows), and DDOS attack-LOIC-UDP 
(1730 rows). 

Brute Force-XSS (79 rows), Brute Force-Web 
(249 rows), SQL Injection (34 rows), and 
innocuous traffic (1048213 rows) are all included 
in File 6 "Thursday-22-02-2018". 

File 7 "Friday-23-02-2018" includes innocuous 
traffic (1048009 rows), Brute Force -XSS (151 
rows), Brute Force -Web (249 rows), and SQL 
Injection (53 rows). 

File 8 "Wednesday-28-02-2018" includes benign 
traffic (544200 rows) and an infiltration assault 
(68871 rows). 

File 9 "Thursday-01-03-2018" has benign traffic 
(238037 rows) and an infiltration assault (93063 
rows). 

File 10 "Friday-02-03-2018" has benign traffic 
(762384 rows) and botnet attack (286191 rows). 


More than 72.000.000 entries, divided among 74 
files, with 46 characteristics per row, make up the 
BoT-IoT dataset. We employ the training and 
testing version that Koroniotis et al. [3] suggested, 
which uses 5% of the complete dataset. To 
generate a subset of training and testing, we use 
PyMongo 3.7.2 to import the files into a single 
JSON document. 


Table 6. The CSE-CIC-IDS2018 Dataset's Deep 
Discriminative Models' Accuracy And Training 
Duration With Varying Learning Rates And Hidden 
Nodes. 


Accuracy and | ONN | RNN | CNN 
training time (s) 


N= 15 
LR=0.01 
HN= 13 
9 


Parameters 


LR=0.1 Piet | 292 | 72 
LR=0.5 


HN = 30 

| 
LR=0.1 s79 | 909 | 385 
LR=05 [Time | 861 | 903 | 879 
HN = 60 
LR=0.01 
0 
Time | 1793 | 1922 | 1891| 
ACC 
ime | 1777 | 1906 | 1826 | 
HN = 100 
LR=0.01 
HN = 100 
LR=0.1 
HN = 100 
LR=0.5 


P19 | 21 | 271 


| Time - 

| ACC 2% 
| Time | 2 
[ACC 

| Time | l 

| ACC  [96.612%|96.881% |96.922% | 
| Time 

| ACC [9% 

| Time 

| ACC 9% 


Time 
ACC 
Time 
ACC 
Time 
ACC 
Time 
ACC 
Time 
ACC 
Time 


With 96.915%, it demonstrates that deep neural 
networks provide the highest true negative rate. 
For seven attack types, the recurrent neural 
network achieves the highest detection rate: 
92.182% for Brute Force - XSS, 91.322% for 
Brute Force - Web, 94.912% for DoS attacks 
against Hulk, 96.123% for DoS attacks against 
SlowHTTPTest, 98.220% for DoS attacks against 
Slowloris, 98.330% for DoS attacks against 
GoldenEye, and 97.874% for Infilteration. The 
highest detection rate for four types of assaults is 
provided by the convolutional neural network: 
DDOS attack-HOIC 98.923%, DDOS attack- 
LOIC-UDP 97.888%, DDOS attack-LOIC-HTTP 
98.991%, and Botnet 98.982%. 


6. CONCLUSION 


We examined and examined IDS for cyber 
security in Agriculture 4.0 in this research. We 
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started by outlining the risks to cyber security and 
the various criteria used to assess an IDS's 
effectiveness for Agriculture 4.0. We then 
assessed IDSs in light of new technology. 
Furthermore, we provide a thorough 
categorization of IDSs in each developing 
technology. Next, we demonstrated the openly 
available datasets and implementation 
frameworks that are relevant to the Agriculture 
4.0 IDS performance evaluation. In conclusion, 
we outlined the obstacles and potential avenues 
for further investigation in the field of intrusion 
detection for cybersecurity in Agriculture 4.0. 
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